2023-10-11 22:14:01 +02:00
# WID Notifier
2023-10-13 20:35:02 +02:00
The German [BSI ](https://www.bsi.bund.de/ ) and [LSI Bavaria ](https://lsi.bayern.de/ ) each have a page listing current security notices.
2023-10-11 22:14:01 +02:00
2023-10-13 20:35:02 +02:00
- BSI: https://wid.cert-bund.de/portal/wid/kurzinformationen
- LSI: https://wid.lsi.bayern.de/portal/wid/warnmeldungen
This software queries the APIs of these services for new security notices and sends configurable email notifications.
2023-10-11 22:14:01 +02:00
## Supported Platforms
This Software only supports Linux.
2023-10-13 20:35:02 +02:00
## API Endpoints
| | ID | Portal URL |
|-----|--------|-------------------------------------------------------|
| BSI | `bund` | https://wid.cert-bund.de/portal/wid/kurzinformationen |
| LSI | `bay` | https://wid.lsi.bayern.de/portal/wid/warnmeldungen |
2023-10-13 19:58:24 +02:00
2023-10-13 20:35:02 +02:00
# Usage
2023-10-13 19:58:24 +02:00
2023-10-13 20:35:02 +02:00
After building the application using `go build` , run
```bash
./wid-notifier < configfile >
```
where `<configfile>` is the path of your configuration file. If you don't have a config file yet, the software will create an initial config at the given location. See [Configuration ](#configuration ) for more info.
# Configuration
2023-10-11 22:14:01 +02:00
Example:
```json
{
"api_fetch_interval": 600,
"enabled_api_endpoints": [
"bay",
"bund"
],
"datafile": "data",
"recipients": [
{
"address": "guenther@example .org",,
"include": [
{"classification": "kritisch"},
{"title_contains": "jQuery"}
]
}
],
"smtp": {
2023-10-11 23:46:11 +02:00
"from": "from@example .org",
2023-10-11 22:14:01 +02:00
"host": "example.org",
"port": 587,
"user": "from@example .org",
"password": "SiEhAbEnMiChInSgEsIcHtGeFiLmTdAsDüRfEnSiEnIcHt"
},
"template": {
"subject": "",
"body": ""
}
}
```
## Filters
2023-10-13 20:51:35 +02:00
You define filters for notices to be sent per recipient. Multiple filters can be set per recipient and multiple criteria can be used per filter. The configuration field for those filters is `include` . See [Configuration ](#configuration ) for an example.
If a notice is included is determined by the following logic:
```
{criteria, criteria, ... ALL APPLY}
OR {criteria, criteria, ... ALL APPLY}
OR ...
```
The following criteria are available. Criteria marked with `*` are for optional fields that are not supported by every API endpoint (e.g. https://wid.lsi.bayern.de) - notices from those endpoints will therefore not be included when using those criteria in filters.
2023-10-11 22:14:01 +02:00
```json
"include": [
{
"any": false,
"title_contains": "",
"classification": "",
"min_basescore": 0,
"status": "",
"products_contain": "",
2023-10-13 19:58:24 +02:00
"no_patch": "",
"api_endpoint": ""
2023-10-11 22:14:01 +02:00
},
...
]
```
### any
Includes all notices if set to `true` .
```json
2023-10-13 20:51:35 +02:00
"any": true
2023-10-11 22:14:01 +02:00
```
### title_contains
Include notices whose title contains this text.
```json
2023-10-13 20:51:35 +02:00
"title_contains": "Denial Of Service"
2023-10-11 22:14:01 +02:00
```
If set to `""` , this criteria will be ignored.
### classification
Include notices whose classification is in this list.
Classification can be `"kritisch"` , `"hoch"` , `"mittel"` or `"niedrig"` .
```json
2023-10-13 20:51:35 +02:00
"classification": "hoch"
2023-10-11 22:14:01 +02:00
```
If set to `""` , this criteria will be ignored.
### min_basescore `*`
Include notices whose basescore (`0` - `100` ) is >= `min_basescore` .
```json
2023-10-13 20:51:35 +02:00
"min_basescore": 40
2023-10-11 22:14:01 +02:00
```
This criteria will be ignored if set to `0` .
### status `*`
Include notices with this status. This is usually either `NEU` or `UPDATE` .
```json
2023-10-13 20:51:35 +02:00
"status": "NEU"
2023-10-11 22:14:01 +02:00
```
If set to `""` , this criteria will be ignored.
### products_contain `*`
Include notices whose product list contains this text.
```json
2023-10-13 20:51:35 +02:00
"products_contain": "Debian Linux"
2023-10-11 22:14:01 +02:00
```
If set to `""` , this criteria will be ignored.
### no_patch `*`
If set to `"true"` , notices where no patch is available will be included.
```json
2023-10-13 20:51:35 +02:00
"no_patch": "true"
2023-10-11 22:14:01 +02:00
```
If set to `"false"` , notices where no patch is available will be included.
```json
2023-10-13 20:51:35 +02:00
"no_patch": "false"
2023-10-11 22:14:01 +02:00
```
If set to `""` , this criteria will be ignored.
2023-10-13 19:58:24 +02:00
### api_endpoint
2023-10-13 20:35:02 +02:00
Includes notices from the given [API Endpoint ](#api-endpoints ).
2023-10-13 19:58:24 +02:00
2023-10-13 20:51:35 +02:00
```json
"api_endpoint": "bund"
```
If set to `""` , this criteria will be ignored.
2023-10-11 22:14:01 +02:00
## Templates
2023-10-13 20:35:02 +02:00
If you don't like the default appearance of the notification mails, you can write your own templates for the mail subject and body.
2023-10-11 22:14:01 +02:00
The syntax for the mail templates is described [here ](https://pkg.go.dev/text/template ).
All fields from the WidNotice struct can be used.
```go
type WidNotice struct {
2023-10-11 22:22:49 +02:00
Uuid string
Name string
Title string
Published time.Time
Classification string
// optional fields (only fully supported by cert-bund)
Basescore int // -1 = unknown
Status string // "" = unknown
ProductNames []string // empty = unknown
Cves []string // empty = unknown
NoPatch string // "" = unknown
2023-10-11 22:14:01 +02:00
// metadata
2023-10-13 19:58:24 +02:00
ApiEndpointId string
2023-10-11 22:22:49 +02:00
PortalUrl string
2023-10-11 22:14:01 +02:00
}
```
For an example, take a look at `DEFAULT_SUBJECT_TEMPLATE` and `DEFAULT_BODY_TEMPLATE` in [template.go ](./template.go ).
